Greg Roelofs discovered and fixed several buffer overflows in pnmtopng which is also included in netpbm, a collection of graphic conversion utilities, that can lead to the execution of arbitrary code via a specially crafted PNM file.

An off-by-one buffer overflow in pnmtopng, when using the -alpha command line option, allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PNM file with exactly 256 colors. (CVE-2005-3662)

The updated packages have been patched to correct this problem. _______________________________________________________________________